I recently integrated an LMS 3.2 installation with ACS by following the "CiscoWorks LMS integration with Cisco Secure ACS" white paper. I used a similar structure with central administrators and sub-groups (such as "NorCal" in the white paper) which have SupserAdmin rights to a limited set of devices based on an NDG. It works exactly as expected.
A security person on my team has 2 security questions that I'm trying to research the answers.
1. Since the causer Windows account is used to execute all batch jobs, is there any way for someone in the the sub-group "NorCal" to execute a batch job that gives him access to devices outside his designated NGD or does he have the ability to generate reports for devices outside his NDG?
2. If the sub-group "NorCal" is given SuperAdmin rights to the LMS Server NDG as per the White Paper, does this let the sub-group change LMS settings that affect the central administrators?
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...